CVE-2020-36834
📋 TL;DR
The Discount Rules for WooCommerce WordPress plugin has missing authorization checks on AJAX endpoints, allowing authenticated users with subscriber-level permissions to modify discount rules and configurations. This affects WordPress sites using the plugin version 2.0.2 or earlier. Attackers can alter pricing rules, potentially causing financial loss or disruption.
💻 Affected Systems
- Discount Rules for WooCommerce WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could modify all discount rules, create fraudulent discounts, disable legitimate promotions, or manipulate plugin settings to disrupt e-commerce operations, leading to significant revenue loss.
Likely Case
Subscribers or low-privilege users could create unauthorized discounts for themselves or others, bypass intended pricing, or disrupt normal discount functionality.
If Mitigated
With proper access controls and monitoring, impact is limited to rule modifications that can be detected and reverted before causing major damage.
🎯 Exploit Status
Exploitation requires authenticated access but only subscriber-level permissions. Public proof-of-concept exists showing AJAX endpoint manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0.3 or later
Vendor Advisory: https://patchstack.com/articles/multiple-vulnerabilities-in-discount-rules-for-woocommerce-plugin/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Discount Rules for WooCommerce'.
4. Click 'Update Now' if available.
5. If a manual update is needed, download version 2.0.3+ from WordPress.org, deactivate the old version, upload the new version, and activate it.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
Disable the vulnerable plugin until patched:
wp plugin deactivate discount-rules-for-woocommerce
Restrict User Roles
Temporarily limit subscriber-level user creation and review existing accounts.
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to block unauthorized AJAX requests to the plugin endpoints
- Monitor and audit discount rule changes and user activity logs for suspicious modifications
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin > Plugins > Installed Plugins for 'Discount Rules for WooCommerce' version number. If version is 2.0.2 or lower, you are vulnerable.
Check Version:
wp plugin get discount-rules-for-woocommerce --field=version
Verify Fix Applied:
After updating, verify plugin version shows 2.0.3 or higher in WordPress admin plugins list.
📡 Detection & Monitoring
Log Indicators:
- Unusual AJAX requests to /wp-admin/admin-ajax.php with actions related to discount rules from low-privilege users
- Unexpected modifications to discount rules or plugin settings in WooCommerce logs
Network Indicators:
- POST requests to admin-ajax.php whose 'action' parameter contains 'wdr', 'awdr', or similar discount-rule-related strings, sent by non-admin users
SIEM Query:
source="wordpress.log" AND (uri="/wp-admin/admin-ajax.php") AND (user_role="subscriber" OR user_role="contributor") AND (action="*wdr*" OR action="*awdr*")
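The SIEM query above expressed as standalone detection logic, added here as an example that is not part of the original advisory. It runs over a constructed key=value log excerpt; the field names (uri, user_role, action) and the line format are assumptions that must be mapped onto whatever your web-server or audit logging actually emits, and the action names in the sample are made up to carry the 'wdr'/'awdr' prefixes named above.

```python
# Constructed sample log (not real traffic). One key=value pair per field, no spaces in values.
# The action names are invented to carry the 'wdr' / 'awdr' prefixes from the advisory.
SAMPLE_LOG = """\
ts=2024-01-01T10:00:00Z method=POST uri=/wp-admin/admin-ajax.php user=alice user_role=administrator action=wdr_save_rule
ts=2024-01-01T10:01:00Z method=POST uri=/wp-admin/admin-ajax.php user=bob user_role=subscriber action=awdr_save_rule
ts=2024-01-01T10:02:00Z method=POST uri=/wp-admin/admin-ajax.php user=carol user_role=subscriber action=heartbeat
ts=2024-01-01T10:03:00Z method=GET uri=/wp-login.php user=- user_role=- action=-
ts=2024-01-01T10:04:00Z method=POST uri=/wp-admin/admin-ajax.php user=dave user_role=contributor action=wdr_delete_rule
"""

AJAX_URI = "/wp-admin/admin-ajax.php"
LOW_PRIV_ROLES = {"subscriber", "contributor"}
# Substring match, mirroring the wildcard action="*wdr*" / action="*awdr*" clauses of the SIEM query.
ACTION_SUBSTRINGS = ("wdr", "awdr")


def parse_line(line: str) -> dict[str, str]:
    """Split one key=value log line into a dict; fields without '=' are ignored."""
    return dict(kv.split("=", 1) for kv in line.split() if "=" in kv)


def is_suspicious(event: dict[str, str]) -> bool:
    """True when a low-privilege role calls admin-ajax.php with a discount-rule action."""
    return (
        event.get("uri") == AJAX_URI
        and event.get("user_role", "").lower() in LOW_PRIV_ROLES
        and any(s in event.get("action", "").lower() for s in ACTION_SUBSTRINGS)
    )


def find_suspicious(log_text: str) -> list[dict[str, str]]:
    """Return the parsed events from log_text that match the detection rule, in log order."""
    events = (parse_line(line) for line in log_text.splitlines() if line.strip())
    return [e for e in events if is_suspicious(e)]


if __name__ == "__main__":
    # Expected to flag bob (subscriber, awdr_save_rule) and dave (contributor, wdr_delete_rule);
    # alice is an administrator and carol's action is unrelated, so neither is reported.
    for e in find_suspicious(SAMPLE_LOG):
        print(f"{e['ts']} user={e['user']} role={e['user_role']} action={e['action']}")
```

A hit only tells you a low-privilege account reached a discount-rule action; confirm against the plugin's own rule change history before treating it as a successful modification.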